Silent Storm Security brings your cybersecurity and compliance stance to a higher level through a cost-efficient, proven set of auditing procedures across a wide range of intrusion vectors. Our approach is a simple one: take an inherently challenging process and make it as straightforward as possible.

PCI-DSS Remediation Consulting

For all merchants and service providers undergoing a PCI assessment.

PCI-DSS Reports on Compliance

As a licensed QSA firm, we can conduct your Level 1 PCI-DSS assessment for a Report on Compliance.

23 NYCRR Part 500

Get assistance with NY regulation 23 NYCRR Part 500 establishing cybersecurity requirements for financial services companies.

HIPAA Assessments

Get a security assessment to comply with the new HIPAA Security Rule.

PCI GAP Reports

The first step for merchants and service providers seeking to be PCI compliant.


PCI SAQ Consulting

For companies needing guidance while conducting PCI Self Assessment Questionnaires.

Penetration Testing

When was your last pen-test? Get peace of mind with regular testing.

Risk Assessments

Let us identify future challenges so you can plan accordingly.

ISO Consulting

Get your ISO certificate with the help of knowledgeable and experienced professionals.

NERC CIP Consulting

Protect the cyber infrastructures that are used throughout the electrical utility industry.


NIST SP 800-171 Consulting

Properly handle Controlled Unclassified Information (CUI) on non-federal information systems.

SOC Consulting

Service Organization Control (SOC) reports that address assurance for service organizations.


Customized Consulting Services

Phishing tests, USB drop tests, physical security assessments, etc.

Computer Forensics

Find, analyze and recover digital evidence on modern media.

Managed/Virtual IT

Let us manage some or all of your IT functions.



California Consumer Privacy Act (CCPA) is scheduled to become effective on January 1, 2020.


Get General Data Protection consulting to comply with the EU regulation.

Request Free Consultation

Request a free consultation to see where our cost-efficient services can help with your IT compliance needs.

What is the HIPAA Security Rule?

The Office for Civil Rights (OCR) is responsible for issuing annual guidance on the provisions in the HIPAA Security Rule (45 C.F.R. §§ 164.302 – 318). This series of guidance documents will assist organizations in identifying and implementing the most effective and appropriate administrative, physical, and technical safeguards to secure electronic protected health information (e-PHI).

What is PCI Compliance?

The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure environment. The Payment Card Industry Security Standards Council (PCI SSC) was launched on September 7, 2006 to manage the ongoing evolution of the Payment Card Industry (PCI) security standards with a focus on improving payment account security throughout the transaction process.


Prioritize cybersecurity investments based on risk to the business.


Have a plan for responding to insider threats.


More concerned about cybersecurity threats this year than in the past.


Collaborate with others to deepen their knowledge of security and threat trends.

*Key findings from the 2014 US State of Cybercrime Survey

Contact Silent Storm Security today.

About Silent Storm Security

The two founding partners, R. Scott Pierangelo and Ron Alejandro Abarca, believe that working together with their clients with a team mentality is the only approach. Silent Storm Security is here to provide the facts of a particular vulnerability, not impose workflows that may be incompatible with your business goals. As a boutique cyber security firm, we are privileged to dedicate the time and resources that a corporate firm simply cannot. There is never a runaround from sales, and no week-long waits for a response to simple questions.

We do not provide managed services (other than policies and procedures and security training for sale) and are solely an independent audit-based firm. However, if you do require managed services to meet controls for an audit framework, we have strategic partners in the industry who have proven to be proficient. We offer to consult in both English and Spanish.

Our Founders

Scott Pierangelo


Mr. Pierangelo has been conducting auditing assessments for over ten years. He has worked for Trustwave and Coalfire as a Consultant/QSA, and has conducted PCI assessments for Fortune 100 & Fortune 500 Companies. In addition, he worked as a Network Administrator for Infragard. Scott received his Master’s degree in Computer Science from Fordham University and his BA in Psychology from Hofstra University. His certifications include Certified Information Systems Security Professional (CISSP), Payment Card Industry Professional (PCIP), Qualified Security Assessor (QSA), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Risk and Information Systems Control (CRISC), Certified in the Governance of Enterprise IT (CGEIT), Project Management Professional (PMP), and Certified Data Privacy Solutions Engineer (CDPSE).

Ron Abarca

R. Alejandro Abarca BSISM, CISA, CDPSE.

Mr. Abarca has been working in the information technology industry for over 18 years, within both small businesses and large-scale enterprise environments in the banking industry (HSBC Securities), always making information & network security his top priority. He has extensive experience in Access Control, Active Directory and Group Policy. Ronald received his B.S. in Information Systems Management with a concentration in Network Security & Administration from New York University. His certifications include Certified Information Systems Auditor (CISA) and Certified Data Privacy Solutions Engineer (CDPSE).

Contact Silent Storm Security

Contact the compliance professionals at Silent Storm Security by calling 800-668-1419 or using the form below.